Cloud computing is internet-based computing in which shareable information, software and resources are provided to devices on demand. With the rapid development and pervasive growth of communication technologies, there are expanding demands for adaptable cryptographic primitives to protect group data transactions and computing platforms in the cloud. A group key agreement (GKA) protocol enables a group to share a common encryption key across an open network so that only members of the group can decrypt the ciphertexts encrypted under the shared encryption key. However, a sender cannot exclude any specific member from decrypting the ciphertexts in the cloud. Moreover, before sending a message to a group, a user must join the group and follow the GKA protocol to give the intended members access to a secret key. To address the above-mentioned issues, the flexible and secure continues data transmission (FSCDT) algorithm is proposed to offer dynamic and secure data transfer broadcasting without full trust in the key authority in an unreliable cloud environment. The paper provides a complete security proof and outlines the requirements for the aggregatability of the secret attribute-based FSCDT building block. Based on experimental evaluations, the FSCDT algorithm minimizes encryption time, decryption time and communication cost.


This is an open access article under the CC BY-SA license.


Corresponding Author: 


Dinakaran Muruganandam 

School of Information Technology and Engineering, Vellore Institute of Technology 
Vellore, Tamil Nadu, India 

Email: dinakaran.m@vit.ac.in


1. INTRODUCTION 

Cloud computing is a web-oriented computing system in which shareable data, software and resources are provided to devices on demand [1]. The emergence of the cloud has fundamentally changed the overall view of infrastructure development, software systems and development models. This eventually led to a steep change from centralized storage servers to client-server execution models, which in turn moves toward cloud computing [2]. Current trends on cloud platforms include instant-messaging tools, collaborative computing, and social networks [3]. Applying a broadcast encryption system to a cloud storage server raises several security and protection challenges. To overcome the above-mentioned issues, the flexible and secure continues data transmission (FSCDT) algorithm is proposed to offer dynamic and secure data transfer broadcasting without full trust in the key authority in cloud environments. It defines the requirement for the aggregatability of the basic attribute-based FSCDT building block and provides complete security proofs. The contributions of the paper are as follows:
- To develop the FSCDT algorithm to provide dynamic and secure data transmission broadcasting without relying entirely on key authorities in unreliable cloud environments.

- To set up the FSCDT algorithm with a public group encryption key to provide an effective and dependable encryption and decryption procedure for shared data in cloud environments.

- To build a system that has been rigorously demonstrated to be reliable and collusion-resistant under the accepted privacy-preserving paradigm.

- To enable scalable key management in an unstable cloud environment between data owners, data users, and cloud service providers.

- To design a robust framework for identifying and preventing malicious activities in untrusted cloud environments.

- To reduce encryption and decryption times as well as communication cost (CC) to speed up FSCDT in untrusted cloud environments in comparison to existing approaches.

A technique for securing group information exchange using attribute-based broadcast encryption is provided in [4]. Cloud computing systems have included the internet of things as a foundational event for big data [5]. In response to increased security concerns, that work also made an effort to develop an architectural hand-off for the organization's security. An attack on the YRL scheme was discussed, and it was demonstrated that unauthorized receivers could also decrypt broadcast messages [6]. In the chosen-ciphertext setting, it obtains anonymity and semantic security under adaptive corruptions. A smart medical care city using a multi-agent system (MAS) with a three-layered design is detailed in [7], [8]. The method ensures that sensitive health information about residents is protected, with group key agreement (GKA) serving as the cornerstone for safely exchanging medical information across healthcare partners. A group key agreement mechanism based on attribute authentication and privacy protection is described in [9]. Privacy protection is a specific concept in several applications, and it assists users in comprehending how each privacy pattern is created and how it contributes to data privacy protection [11]. A cloud-based privacy-preserving multi-receiver certificate-less broadcast encryption method with de-duplication (PMCBED) that relies on anonymous broadcast encryption and certificate-less cryptography is described in [12]. It can satisfy semantic security considerations of receiver anonymity and information categorization. Anonymous broadcast encryption is discussed in [13] for its merits with regard to communication cost and overhead. The technique advances an efficient identity-based broadcast encryption construction and applies it to the information access control component of cloud services. The flexible, secure cross-cloud information collaboration strategy in [14] used proxy re-encryption (PRE) and identity-based cryptography (IBC) techniques. Several cryptographic approaches are used for query authentication and distributed database security [15].

The state-of-the-art methods for secure and privacy-preserving clinical information sharing of the previous decade are covered in [16], with an emphasis on blockchain-based methodologies. A-SKY is a cryptographic access control extension designed to provide privacy and anonymity guarantees while scaling efficiently to large organizations [17]. To combat the complexity of anonymous broadcast encryption (ANOBE) systems, A-SKY uses trusted execution environments, achieving better computation time and more compact ciphertexts. Several important concerns relating to the security and preservation of EHRs are raised in [18]. The data storage lock algorithm (DSLA), which provides secure information storage in cloud computing, is described in [19]. A configurable identity-based proxy re-encryption scheme with an external equality test (IBPRE-ET) was investigated in [20]. Revocable hierarchical identity-based broadcast encryption (RHIBBE), which allows for revocation in HIBBE, was established in [21]. Its ciphertext is designed to be resistant to the bounded revocable identity-vector-set and chosen-plaintext attack on prime-order bilinear groups, with usage revocation. Two-layer dynamic broadcast encryption is used to tackle the issue [22]. Decentralized dynamic broadcast encryption and subgroup key exchange, a building block used in the construction that might be of independent interest, are presented in [23] for the cloud. However, as many of the access control authorization obligations as reasonably possible are placed on the cloud, while limiting the data exposure risks due to colluding users and cloud [24]. The design that underpins various approaches to secure information collection in the cloud is given in [25].


2. METHOD 

This section describes the FSCDT algorithm, which is proposed to offer dynamic and secure data transfer broadcasting without full trust in the key authority in an unreliable cloud environment. It offers full security proofs and shows the need for the aggregatability of the basic attribute-based FSCDT building block. The execution procedure of the proposed algorithm is divided into the following phases: data owner, group authority, cloud storage server, data users, attacker and cloud service provider. The proposed approach tackles the data transportation issues in cloud environments. The technique gives the data owner freedom and full access to change cloud storage servers without any privacy issues. The method is efficient in multiple cloud environments and is also effective in preventing external malicious attacks during data transmission from one cloud storage server to another in unreliable cloud environments.


2.1. Data owner

The data owner must be registered with a user name, email and group; after registering, the user needs to log in using a valid user name and secret password. The data owner browses and uploads their data to the cloud server. For security, the data owner encrypts the data (document, image and video) and then stores it in the cloud server. The data owner is responsible for defining the (attribute-based) access policy and enforcing it on its own data by encrypting the data under the policy before storing it on the cloud storage server.


2.2. Key authority 

The key authority is responsible for registration and login approval for end users if they are in the same group, and can also view group users, group signatures and registered users. The key generation process produces the public/private parameters for attribute-based encryption. The key authority consists of a central authority and multiple local authorities. It is assumed that there are secure and reliable communication channels between the central authority and every local authority during the initial key setup and generation process. Each local authority manages different attributes and issues the corresponding attribute secret keys to data consumers. The key authority grants differential access rights to individual users based on the users' attributes.


2.3. Cloud storage server 

The storage server is responsible for data storage and file authorization for data users and data owners. The data (document, image and video) files are stored in the cloud server with their tags, such as owner, file name, secret key, and private key; the storage server can also view the registered owners and data consumers in the cloud storage server. A data file is sent based on privileges. If the privilege is correct, the data is sent to the corresponding data consumer, and the file name, end user name and secret key are also checked.


2.4. Data user 

The data user requests data from the corresponding cloud storage servers. If the file name, secret key and access authorization, such as search and download, are correct, the data user receives the file response from the cloud storage server. If a data user has a set of keys satisfying the access policy of the encrypted data defined by the data owner, and is not revoked in any of the attributes, then he/she will be able to decrypt the ciphertext and recover the data from the cloud.


2.5. Attacker 

An attacker is one who attempts to obtain files from the cloud storage server by supplying a secret key. The attacker may be inside a group or outside the group. If the attacker is from inside the group, the attacker is called an internal attacker. If the attacker is from outside the group, the attacker is called an external attacker.


2.6. Flexible and secure continues data transmission algorithms 

The FSCDT algorithm is designed to offer dynamic and secure data transfer broadcasting without full trust in the key authority in an unreliable cloud environment. The proposed method is used to secure the data shared between data owner and data user by means of a secure key, protecting the data shared with data users in an unreliable cloud. The proposed solution formalizes collusion resistance by defining an attacker who can fully control everyone outside of the intended recipients but is unable to extract useful information from the ciphertext on a cloud storage server. Only the aggregated decryption keys of a single user are valid decryption keys with respect to the aggregated public keys of the underlying encryption. The proposed scheme is used to protect confidential content and is used globally for credential data encryption and decryption. A specific number of key rounds is deployed. Each round consists of steps that apply substitution, transposition, and mixing of the plain content. The plain content is then converted into encrypted content. The proposed technique develops an encryption scheme rigorously proven to be fully collusion-resistant under the standard privacy-preserving model. The proposed technique offers efficient encryption/decryption and short ciphertexts. Setting up the proposed architecture and creating the public group encryption key requires only one round. The storage cost of the owner and the group authority after the system setup is $O(n)$, where n denotes the number of group authority contributions during setup. The proposed solution bridges the gap between the online presentation and the multidimensional setup. After a tradeoff, the variant has $O(n^{2/3})$ complexity in communication, computation, and storage in a cloud environment. This is comparable to the standard proposed method, which has $O(n^{1/2})$ complexity


Indonesian J Elec Eng & Comp Sci, Vol. 30, No. 2, May 2023: 1192-1200 



in comparable performance measurements. In this technique the access policy need not be sent along with the ciphertext, which protects the privacy of the encryptor. The encrypted data can be kept secret even if the cloud storage server is untrusted; in addition, the proposed techniques are secure against collusion attacks. The original ciphertext is generated for a set of users who share a certain unique attribute, for instance. When some of the receivers are revoked, if their identity information is not protected, the unique attribute held by all the recipients will be made public by the revoked user. The scheme consists of the following stages.

Setup: Given a security parameter, the setup algorithm randomly selects a bilinear group $BG = (G, G_T, e, p)$ with generator $P \in G$. It picks $s \in Z_p$ and sets $P_{pub} = sP$.

It then chooses cryptographic hash functions $H: \{0, 1\}^* \to G$.

The group public key and the master secret key are $mpk = (BG, P, P_{pub}, H)$, $msk = s$.

KeyGen(mpk, msk, $I_k$): Given the master key pair (mpk, msk) and a user's attributes $I_k \in \{0, 1\}^*$, the key generation algorithm returns a user private key $d_{ID} = sH(I_k)$.

Encrypt(mpk, M, S): Given the master public key mpk, a message $M \in G$ and an attribute set $S = (I_{k1}, I_{k2}, \ldots, I_{kn})$, the encryption algorithm selects a specious user denoted $I_{k0} \in S$ and proceeds as follows:

1. Randomly pick an encryption key $K \in G$ and random numbers $r_1 \in Z_p$, and compute $C_0 = K_1 + M$, $C_1 = r_1 P$.

2. For each $i \in [0, n]$, compute $x_i = H(e(H(ID_i), P_{pub}), ID_i)$.

It then assembles the polynomial functions as in (1).

$f_i(x) = \prod_{0 \le j \ne i \le n} \frac{x - x_j}{x_i - x_j} = \sum_{j=0}^{n} a_{i,j} x^j \bmod p$ (1)

It computes

$Q_i = \sum_{j=0}^{n} a_{j,i} A_j; \quad U_i = \sum_{j=0}^{n} a_{j,i} B_j$ (2)

The output ciphertext is $CT = (C_0, C_1, C_2, C_3, r_1, [Q_i, U_i]_{i=0}^{n})$.


Revoke(mpk, CT, R): Given a ciphertext CT, which is parsed as $CT = (C_0, C_1, C_2, C_3, r_1, [Q_i, U_i]_{i=0}^{n})$, the master public key mpk and a revoked identity set $R = (ID_{l_1}, ID_{l_2}, \ldots, ID_{l_t})$ where $t < n$: if $R = \emptyset$, the revocation algorithm sets the new ciphertext $CT' = CT$. Otherwise, it randomly picks $K_2 \in G$ and computes $C_0' = K_2 + C_0$.

For every $ID_i \in R$, compute $x_i = H(e(H(ID_i), P_{pub}), ID_i)$ and construct

$g(x) = \prod_{i=1}^{t} (x - x_i) = \sum_{i=0}^{t} b_i x^i \bmod p$ (3)

For $i = 0, 1, 2, \ldots, t$, compute

$Q_i' = Q_i + b_i K_2$

and set the new ciphertext as

CT’ =(G,. Cib0, Big ty DEL, Cg  evatedees pas oteiasctousies UUs piipieiiedaes Un) 

Decrypt(mpk, CT', $ID_i$, $d_{ID_i}$): Given a ciphertext CT', which is parsed as

CT =(G;, C0; bi, * 4 bid Woe weee Gis ccointeeae (te eee Un) 

the master public key mpk, an identity $ID_i$ and the corresponding private key $d_{ID_i}$, the decryption algorithm executes as follows:

Compute $x_i = H(e(C_1, d_{ID_i}), ID_i)$

$g(x_i) = \sum_{j=0}^{t-1} b_j x_i^j + x_i^t \bmod p$ (4)

If $g(x_i) = 0$, it terminates early; otherwise, it computes

$U = U_0 + x_i U_1 + x_i^2 U_2 + \cdots + x_i^n U_n$,
G@ = Gy ay ted ticedesecle ss hi Get age xeU,,

Use the private key $d_{ID_i}$ to recover the encryption keys by computing

$K_1' = U - H(e(C_3, d_{ID_i}), ID_i)$

$K_2' = g(x_i)^{-1}(Q - H(e(C, d_{ID_i}), ID_i))$

Finally, recover the message $M' = C_0' - K_1' - K_2'$. If $ID_i \in S \setminus R$, we have $K_1' = K_1$, $K_2' = K_2$ and can recover the message M correctly.
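
The polynomial bookkeeping behind Encrypt, Revoke and Decrypt above, as an added Python example that is not the paper's code. It is a toy model: integers modulo a prime stand in for elements of G, the hash-derived per-user values `x`, `a` and `b` stand in for the pairing-derived terms, and taking A_i as the user's mask and B_i as K_1 plus a mask is an assumption read off the decryption formulas, so the block shows only the algebra of (1) to (4) and provides no security.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime standing in for the group order p (constructed toy value)

def h(label, identity):
    """Stand-in for H(e(., .), ID): maps a user identity to a value in Z_p."""
    digest = hashlib.sha256(f"{label}|{identity}".encode()).digest()
    return int.from_bytes(digest, "big") % P

def user(identity):
    # x is the user's evaluation point; a and b are per-user masks that the
    # scheme derives from pairings with the private key (assumption: hashed here).
    return {"x": h("x", identity), "a": h("a", identity), "b": h("b", identity)}

def times_linear(poly, root):
    """Multiply a polynomial (coefficients low to high) by (x - root) mod P."""
    out = [0] * (len(poly) + 1)
    for k, c in enumerate(poly):
        out[k] = (out[k] - root * c) % P
        out[k + 1] = (out[k + 1] + c) % P
    return out

def lagrange(xs, i):
    """Coefficients a_{i,j} of f_i(x) = prod_{j != i} (x - x_j)/(x_i - x_j), eq. (1)."""
    poly, denom = [1], 1
    for j, xj in enumerate(xs):
        if j != i:
            poly = times_linear(poly, xj)
            denom = denom * (xs[i] - xj) % P
    inv = pow(denom, -1, P)
    return [c * inv % P for c in poly]

def evaluate(coeffs, x):
    acc = 0
    for c in reversed(coeffs):  # Horner's rule
        acc = (acc * x + c) % P
    return acc

def encrypt(message, receivers):
    k1 = secrets.randbelow(P)
    xs = [r["x"] for r in receivers]
    basis = [lagrange(xs, i) for i in range(len(xs))]
    # Eq. (2): Q_j and U_j aggregate the basis coefficients weighted by A_i, B_i.
    q = [sum(basis[i][j] * r["a"] for i, r in enumerate(receivers)) % P
         for j in range(len(xs))]
    u = [sum(basis[i][j] * (k1 + r["b"]) for i, r in enumerate(receivers)) % P
         for j in range(len(xs))]
    return {"c0": (k1 + message) % P, "q": q, "u": u, "b": []}

def revoke(ct, revoked):
    if not revoked:
        return ct  # R empty: CT' = CT
    k2 = secrets.randbelow(P)
    g = [1]
    for r in revoked:  # eq. (3): g(x) = prod (x - x_i) over revoked users
        g = times_linear(g, r["x"])
    q = list(ct["q"])
    for i, b_i in enumerate(g):  # Q_i' = Q_i + b_i K_2 for i = 0..t, b_t = 1
        q[i] = (q[i] + b_i * k2) % P
    return {"c0": (ct["c0"] + k2) % P, "q": q, "u": ct["u"], "b": g[:-1]}

def decrypt(ct, me):
    x, t = me["x"], len(ct["b"])
    g_x = (evaluate(ct["b"], x) + pow(x, t, P)) % P  # eq. (4)
    if g_x == 0:
        return None  # revoked: Q'(x) = A_i here, so K_2 cannot be recovered
    k1 = (evaluate(ct["u"], x) - me["b"]) % P
    k2 = (evaluate(ct["q"], x) - me["a"]) * pow(g_x, -1, P) % P
    return (ct["c0"] - k1 - k2) % P

def demo():
    group = [user(f"user{i}@example.org") for i in range(5)]  # constructed identities
    message = 123456789
    ct = revoke(encrypt(message, group), group[1:3])  # revoke users 1 and 2
    return [decrypt(ct, member) for member in group], message

if __name__ == "__main__":
    print(demo())
```

A revoked receiver's point is a root of g, so the K_2 term vanishes from Q' at that point and the receiver is left without the second key, while every other receiver divides it out with g(x_i)^{-1}.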

In addition to the requirement that the message and the user be protected from the public by the cipher text CTO, the message must also be unexpected from CT and CT must safeguard the recipient's privacy from outsiders. The proposed approach offers more than just content privacy. To protect origin identification and semi-anonymity, it also includes privacy identification and decentralizes the central authority. Therefore, the technology completely conceals the identity and aids in achieving complete anonymity. In this context, there are four different types of attributes: group authorities (abbreviated as Group A), specifically cloud server, data owners, and data users. In a single session, a data user may also be both a data owner and a data user. Encrypted data files are uploaded to the cloud server by the data owner. The proposed system uses encryption for forwarding the token and secret keys that authorize users to perform operations. In the system, decryption of encrypted data is possible in only one situation: if the set of attributes of the user secret key matches the attributes of the ciphertext, the encrypted data is transformed into plaintext. The proposed approach is collusion-resistant: an adversary who holds multiple keys should be able to access the data only if at least one individual key grants access. The keys supplied by the system to users are used to perform the operations for accessing the file data on the cloud server.


3. RESULT AND DISCUSSION 
3.1. Deployment setup 

The proposed FSCDT algorithm is evaluated against standard approaches using a laptop running Windows 10 with an Intel i7 Core CPU, 8 GB of RAM, and 500 GB of storage. The proposed approach is implemented as a Java web application with the help of the NetBeans 8.0 IDE (integrated development environment), JProfiler, a MySQL 5.7 database, and the Jelastic open-source cloud server for cloud deployment of the algorithm-integrated application. For the evaluation of the proposed FSCDT approach, the experimental system used 5 user counts (200, 400, 600, 800, and 1,000) with 3 types of data, namely documents, images and videos. For transmitting the owner's data from the data owner to the data user and cloud storage server, a Java-based effective and secure data migration model with reliable data transmission is used.


3.2. Simulation result 

The proposed method presents mathematical expressions that increase the security of cloud storage servers. The privacy approach works with the data owner and data user. The content of the data owner will be safe throughout data transfer and retrieval in an unstable cloud environment even when cloud storage servers are no longer completely dependent on key authorities. The evaluation considers the scalability, decryption time, and communication cost of the proposed flexible and secure continues data transmission algorithm.


3.3. Encryption time (ET) 

In this section, the proposed method describes the mathematical model of encryption in (5). The data to transfer, or a message M, the public key PK, and a set of attributes I are the inputs to this method. The ciphertext CT is computed as follows:

$CT = (\widetilde{CT}, \{CT_i\}_{i \in I})$ (5)

where $\widetilde{CT} = MY^s$, $CT_i = A_i^s$, and s is randomly chosen from $Z_p$.


3.4. Decryption time (DT)

In this section, the proposed method gives the mathematical model of decryption time in (6). The method takes as input the ciphertext CT encrypted under the attribute set I, the user's public key PK and the secret key SK for access tree A. It carries out the decryption process in (6).

where CT is the ciphertext and $sk_i$ is the user secret key issued for the leaf nodes of attribute I. The polynomial interpolation approach is then used to combine the pairing results recursively. Finally, it recovers the blinding term Ys = CT (g, g) ys and outputs the message M only if I satisfies A.


3.5. Communication cost (CC) 

The CC is a measure of the total quantity of data transported in an unreliable cloud environment. The proposed FSCDT algorithm uses the mathematical expression in (7) to compute the communication cost in %. The CC is evaluated from the data transfer rate and the data size.

$CC = \frac{DR_{transfer}}{DCon_{size}} \times 100$ (7)

where $DR_{transfer}$ is the data transfer rate and $DCon_{size}$ is the total size of data.

Table 1 displays the communication cost (%), encryption time (milliseconds), and decryption time (milliseconds) for 200, 400, 600, 800, and 1,000 users. The PPIBE scheme, the AIBE approach, the EDABE scheme, and the EAIBE existing methodologies are all compared to the proposed FSCDT algorithm. With respect to communication cost and communication overhead, [23] is described with its advantages. The process applies a broadcast encryption technique based on anonymous identification to the data access control system in a cloud storage server [24]. However, because the key data is not updated immediately, it may cause a bottleneck in the rekeying system or security corruption [25]. The proposed approach permits the sender to prevent some people from reading the ciphertexts. The proposed FSCDT method formalizes collusion resistance by defining an attacker who can fully control every group member outside of the expected receivers but who is unable to extract useful information from the encrypted text [26]. The proposed FSCDT method assesses communication cost (in %), encryption time (in sec), and decryption time (in sec). It is observed that the proposed FSCDT algorithm shows better outcomes than current methodologies, along with average values for the respective parameters. Table 1 shows the minimized 0.88 encryption time (seconds), 0.68 decryption time (seconds) and communication cost 31.6% for 200, 400, 600, 800, and 1,000 users compared with existing methodologies, along with average values for the respective parameters.


Table 1. Encryption time (ET) in milliseconds, decryption time (DT) in milliseconds and communication cost
(CC) in % for 200, 400, 600, 800, and 1,000 users

User        200                400                600                800                1,000
Technique   ET     DT    CC    ET     DT    CC    ET    DT    CC    ET     DT    CC    ET    DT    CC
PPIBE       25)    2     199   4.3    3     190   52    3.5   101   7      4.6   80    9     5     60
AIBE        a)     9     498   14     16    488   21    24    241   31     34    186   36    40    126
EDABE       4      1.5   211   5      2.2   195   3.8   2.7   92    5.5    3.3   71    7     4.5   51
EAIBE       1.6    0.95  201   2.7    2.0   180   3.0   2.3   98    4.2    3.0   66    5.3   4     54
FSCDT       0.95   0.42  121   2.22   0.92  115   1.5   1.8   95    3.95   2.5   70    3.8   3.2   40


According to the evaluation results of the proposed FSCDT algorithm in Figure 1, Figure 2, and Figure 3 for 200, 400, 600, 800, and 1,000 users, it is observed that the proposed flexible and secure continues data transmission (FSCDT) algorithm is the best approach in an unreliable cloud environment. In terms of encryption time, decryption time and communication cost, the proposed FSCDT algorithm always yields the best performance in both the graphical and tabular results. PPIBE is discussed against an active attacker and consumes less storage and communication cost for data embedding while broadcasting the message. It protects the privacy of recipients of broadcast messages by concealing the identities of receivers in storage [27].

But the method failed to provide user protection and organization security during data transmissions. The AIBE scheme deals with decoded text and secret keys that are undefined for the various sets of recipients in the cloud. However, it may cause a bottleneck during the rekeying procedure or a privacy failure due to the window of vulnerability if the previous private key is not refreshed. The EDABE scheme adopted the Lagrange interpolation polynomial. In its privacy game, the adversary is forbidden from issuing decryption queries. However, the scheme did not achieve security against adaptive chosen-ciphertext attack (CCA2) adversaries.

EDABE is described with its advantages in terms of communication cost and communication overhead. Neither traditional symmetric GKA nor the recently proposed GKA permits the sender to unilaterally exclude a specific member from reading the plaintext. In the proposed framework, attributes are used to describe a user's credentials, and the party encrypting data determines a policy for who can decrypt in cloud environments.

Figure 1. Encryption time (Milliseconds) for 200, 400, 600, 800, and 1,000 users

Figure 2. Decryption time (seconds) for 200, 400, 600, 800, and 1,000 users

Figure 3. Communication cost for 200, 400, 600, 800, and 1,000 users

To perform decryption correctly, the revoked users' identity information must be attached as part of the ciphertext and treated as public, which may not be desirable in certain applications. The authorized user may easily and safely safeguard the encoded message. The proposed technique reduces 0.88 encryption time, 0.68 decryption time and 31.6% communication cost for 200, 400, 600, 800, and 1,000 users. Hence, the proposed FSCDT algorithm performs well on every comparison parameter relative to existing methodologies.


4. CONCLUSION 

In order to enable dynamic and secure data transmission broadcasting in addition to complete confidence in key authority in an unstable cloud environment, the paper introduces the FSCDT method. In the cloud storage server, the proposed scheme's privacy has been shown to be semantically secure. It presents the need for the aggregatability of the hidden attribute-based FSCDT building block and offers complete security assurances. The encrypted message can be securely protected, and it can be specified which users may obtain it. The revocation process does not reveal any information about the content of the message or the identities of the recipients. The security of the proposed system is demonstrated by the fact that it is semantically secure in the cloud storage server. For 200, 400, 600, 800, and 1,000 users, the proposed approach decreases 0.88 seconds of encryption time, 0.68 seconds of decryption time, and 31.6% of communication costs. Thus, the suggested FSCDT algorithm outperforms traditional methodologies. The FSCDT algorithm can be extended to enterprise networks of cloud services, with multiple types of users from various types of clouds and different locations of data consumers as well as datacenters.